<?php
/* webmin setup */
$authorized_ips				= array(''); // enter a list of user IP addresses in single quotes authorized to use this application, comma separated
$mysql_hostname				= 'localhost';
$mysql_username				= '';
$mysql_database				= '';
$mysql_password				= '';

// deny access to anyone not contained in $authorized_ips
if(!in_array($_SERVER['REMOTE_ADDR'], $authorized_ips)) exit;

// database connection
mysql_connect($mysql_hostname, $mysql_username, $mysql_password) or die(mysql_error());
mysql_select_db($mysql_database) or die(mysql_error());

// webmin_get_sql() helper function
function webmin_getsql($query) {
	$sql = mysql_query($query) or die(mysql_error());
	
	$result = array();
	while($row = mysql_fetch_object($sql)) {
		array_push($result, $row);
	}

	return $result;
}
?>
<style type="text/css">
body, table {
	font: 12px "Trebuchet MS", Arial, Helvetica, sans-serif;
}

table {
	border: 1px solid #ccc;
	padding: 2px;
}

table tr th, table tr td {
	padding: 2px 5px;
	border-bottom: 1px solid #eee;
}

table tr:hover td {
	background: #eee;
}

table tr th {
	vertical-align: top;
	background: #eee;
}
</style>

<h1>sqlMin</h1>
<p><a href="<?=$_SERVER['REQUEST_URI']?>">Refresh</a></p>

<?php
/* SQL QUERY */
echo '<h3>SQL QUERY</h3>';
echo '<form action="'.$_SERVER['REQUEST_URI'].'" method="post">';

echo '<textarea rows="5" cols="50" name="sql">'.stripslashes($_POST['sql']).'</textarea><br />Access Code: <input type="text" name="access" value="'.$_POST['access'].'" /><input type="submit" value="Run SQL Query" />';
if(isset($_POST['sql'])) {
	if($_POST['access'] == $mysql_password) {
		echo '
		<h3>SQL QUERY RESULT</h3>
		<table cellspacing="2">
			<tr>
				<th>Field</th>
				<th>Value</th>
			</tr>
		';
		$results = webmin_getsql(stripslashes($_POST['sql']));
		foreach($results as $row) {
			foreach($row as $key => $val) {
				echo '<tr><th>',$key,'</th><td>', stripslashes($val), '</td></tr>';
			}
		}
		echo '</table>';
	} else {
		echo '<p><strong>Invalid access code. SQL query halted.</strong></p>';
	}
}
echo '</form>';

/* SHOW+DESCRIBE TABLES */
echo '<h3>SHOW+DESCRIBE TABLES</h3>';
$rows = webmin_getsql("SHOW TABLES");

echo '
<table cellspacing="0">
	<tr>
		<th>Table</th>
		<th>Field</th>
		<th>Type</th>
		<th>Null</th>
		<th>Key</th>
		<th>Default</th>
		<th>Extra</th>
	</tr>
';

$tables = array();
foreach($rows as $row) {
	$table = $row->{"Tables_in_{$mysql_database}"};
	array_push($tables, $table);
	$fields = webmin_getsql("DESCRIBE {$table}");
	foreach($fields as $field) {
	echo '
<tr>
<td><a href="?select=',$table,'#select">', $table, '</a></td>
<td>', $field->Field, '</td>
<td>', $field->Type, '</td>
<td>', $field->Null, '</td>
<td>', $field->Key, '</td>
<td>', $field->Default, '</td>
<td>', $field->Extra, '</td>
</tr>
';
	}
}
echo '</table>';


/* SELECT */
if(isset($_GET['select']) && in_array($_GET['select'], $tables)) {
	echo strtoupper('<h3><a name="select">SELECT * FROM '.$_GET['select'].'</a></h3>');
	echo '
	<table cellspacing="2">
		<tr>
			<th>Field</th>
			<th>Value</th>
		</tr>
	';

	$rows = webmin_getsql("SELECT * FROM ".addslashes($_GET['select']));

	foreach($rows as $row) {
		foreach($row as $field => $val) {
			echo '
			<tr>
				<th>',$field,'</th>
				<td>',$val,'</td>
			</tr>
			';
		}
		
	}
	echo '</table>';
}